Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update flask_jwt_extended to 3.21.0 #100

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update flask_jwt_extended to 3.21.0 #100

wants to merge 1 commit into from

Conversation

pyup-bot
Copy link
Contributor

@pyup-bot pyup-bot commented Aug 6, 2019

This PR updates flask_jwt_extended from 3.15.0 to 3.21.0.

Changelog

3.21.0

* Require flask 1.0 or greater (263)
* Move docs to pallets-sphinx-themes (261)
* Add a new `JWT_DECODE_ISSUER` option for use with other JWT providers (259)
* Gracefully handle errors for malformed tokens (246)

3.20.0

* Look for JWTs in the same order that they are defined in `JWT_TOKEN_LOCATION`. Thanks stephendwolff!(256)

3.19.0

* Adds support for using multiple algorithms for decoding JWTs. Thanks Darkheir! (254)

3.18.2

* Fix `JWT_SESSION_COOKIE = False` creating a cookie that was too long in the future for some browsers (243). Thanks allen-cook!

3.18.1

* Fixes an issue when using `decode_token` on an expired token. This issue was introduced in `3.16.0`. (234)
* Require PyJWT `1.6.4` or newer (238)

3.18.0

* Add the ability to dynamically set user claims via the new `user_claims` argument to `create_access_token` and `create_refresh_token` functions (229). Thanks jeanphix 
* Add ability to use other datetime libraries for the token expiration configuration options. Anything that works with `datetime.datetime` (such as `dateutil`) will now work with extension (233). Thanks abathur

3.17.0

* Add the ability to use an integer (seconds) for the `JWT_ACCESS_TOKEN_EXPIRES` and `JWT_REFRESH_TOKEN_EXPIRES` settings. (226) Thanks evangilo!

3.16.0

This release changes how the  `jwt.expired_token_loader` callback function works. Before this release the callback function took no arguments. Now it will take one argument which is the decoded contents of the expired token. This lets you customize the expired token callback based on the token that was received. For example:

python
Old way
jwt.expired_token_loader
def old_expired_callback():
 return jsonify(foo='bar'), 401

New way
jwt.expired_token_loader
def new_expired_callback(expired_token):
 if expired_token['type'] == 'access':
     return jsonify(foo='bar'), 401
 else:
     return jsonify(foo='baz'), 401


**The old way will still work**, updating to this version will not break your software out from under you. You will however receive a deprecation warning when using that way. To fix this, simply add an addition argument to your callback function for the expired token.
Links

@pyup-bot pyup-bot mentioned this pull request Aug 6, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@pyup-bot